关键词:
【中文标题】npm install issue:27 个漏洞(16 个中等,9 个高,2 个严重)要解决所有问题,运行:npm audit fix --force【英文标题】:npm install issue : 27 vulnerabilities (16 moderate, 9 high, 2 critical) To address all issues , run: npm audit fix --force 【发布时间】:2022-01-10 17:38:21 【问题描述】:当我在相关的react项目文件夹中输入npm install时,安装节点模块后返回此错误
27 vulnerabilities (16 moderate, 9 high, 2 critical)
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
npm audit fix --force 给出了这个输出 =>
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating react-scripts to 0.9.5,which is a SemVer major change.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated circular-json@0.3.3: CircularJSON is in maintenance only, flatted is its successor.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated eslint-loader@1.6.0: This loader has been deprecated. Please use eslint-webpack-plugin
npm WARN deprecated extract-text-webpack-plugin@1.0.1: Deprecated. Please use https://github.com/webpack-contrib/mini-css-extract-plugin
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated sane@1.4.1: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated browserslist@1.7.7: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated chokidar@1.7.0: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated babel-eslint@7.1.1: babel-eslint is now @babel/eslint-parser. This package will no longer receive updates.
npm WARN deprecated html-webpack-plugin@2.24.0: out of support
npm WARN deprecated svgo@0.7.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated core-js@2.6.12: core-js@<3.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Please, upgrade your dependencies to the actual version of core-js.
added 395 packages, removed 1253 packages, changed 287 packages, and audited 1099 packages in 3m
22 packages are looking for funding
run `npm fund` for details
# npm audit report
ansi-html *
Severity: high
Uncontrolled Resource Consumption in ansi-html - https://github.com/advisories/GHSA-whgm-jr23-g3j9
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/ansi-html
react-dev-utils 0.2.0 - 11.0.3
Depends on vulnerable versions of ansi-html
node_modules/react-dev-utils
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
braces <2.3.1
Regular Expression Denial of Service in braces - https://github.com/advisories/GHSA-g95f-p29q-9xw4
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/braces
micromatch 0.2.0 - 2.3.11
Depends on vulnerable versions of braces
Depends on vulnerable versions of parse-glob
node_modules/micromatch
anymatch 1.2.0 - 1.3.2
Depends on vulnerable versions of micromatch
node_modules/anymatch
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of glob-parent
node_modules/chokidar
watchpack 0.2.2 - 1.6.1
Depends on vulnerable versions of chokidar
node_modules/watchpack
http-proxy-middleware 0.3.0 - 0.17.4
Depends on vulnerable versions of micromatch
node_modules/http-proxy-middleware
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
webpack-dev-server <=3.1.10
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of open
Depends on vulnerable versions of optimist
node_modules/webpack-dev-server
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-resolve 18.1.0 - 19.0.2
Depends on vulnerable versions of jest-haste-map
node_modules/jest-resolve
jest-cli 0.5.5 - 24.1.0
Depends on vulnerable versions of jest-config
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of node-notifier
Depends on vulnerable versions of sane
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 13.3.0-alpha.4eb0c908 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
jest-config 18.1.0 - 19.0.4
Depends on vulnerable versions of jest-resolve
node_modules/jest-config
jest-resolve-dependencies 18.1.0
Depends on vulnerable versions of jest-resolve
node_modules/jest-resolve-dependencies
jest-runtime 12.1.1-alpha.2935e14d - 24.0.0-alpha.16
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
test-exclude <=4.2.3
Depends on vulnerable versions of micromatch
node_modules/test-exclude
babel-plugin-istanbul <=5.0.0
Depends on vulnerable versions of test-exclude
node_modules/babel-plugin-istanbul
babel-jest 14.2.0-alpha.ca8bfb6e - 24.0.0-alpha.16
Depends on vulnerable versions of babel-plugin-istanbul
node_modules/babel-jest
color-string <1.5.5
Severity: moderate
Regular Expression Denial of Service (ReDOS) - https://github.com/advisories/GHSA-257v-vj4p-3w2h
fix available via `npm audit fix`
node_modules/color-string
color <=0.11.4
Depends on vulnerable versions of color-string
node_modules/color
colormin *
Depends on vulnerable versions of color
node_modules/colormin
postcss-colormin <=2.2.2
Depends on vulnerable versions of colormin
node_modules/postcss-colormin
cssnano <=3.10.0
Depends on vulnerable versions of postcss-colormin
Depends on vulnerable versions of postcss-svgo
node_modules/cssnano
debug <2.6.9
Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/eslint-module-utils/node_modules/debug
eslint-module-utils 1.0.0-beta.0 - 2.0.0
Depends on vulnerable versions of debug
node_modules/eslint-module-utils
eslint-plugin-import 2.0.0-beta.0 - 2.1.0
Depends on vulnerable versions of eslint-module-utils
node_modules/eslint-plugin-import
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
glob-parent <5.1.2
Severity: high
Regular expression denial of service - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of glob-parent
node_modules/chokidar
watchpack 0.2.2 - 1.6.1
Depends on vulnerable versions of chokidar
node_modules/watchpack
glob-base *
Depends on vulnerable versions of glob-parent
node_modules/glob-base
parse-glob >=2.1.0
Depends on vulnerable versions of glob-base
node_modules/parse-glob
micromatch 0.2.0 - 2.3.11
Depends on vulnerable versions of braces
Depends on vulnerable versions of parse-glob
node_modules/micromatch
anymatch 1.2.0 - 1.3.2
Depends on vulnerable versions of micromatch
node_modules/anymatch
http-proxy-middleware 0.3.0 - 0.17.4
Depends on vulnerable versions of micromatch
node_modules/http-proxy-middleware
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
webpack-dev-server <=3.1.10
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of open
Depends on vulnerable versions of optimist
node_modules/webpack-dev-server
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-resolve 18.1.0 - 19.0.2
Depends on vulnerable versions of jest-haste-map
node_modules/jest-resolve
jest-cli 0.5.5 - 24.1.0
Depends on vulnerable versions of jest-config
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of node-notifier
Depends on vulnerable versions of sane
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 13.3.0-alpha.4eb0c908 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
jest-config 18.1.0 - 19.0.4
Depends on vulnerable versions of jest-resolve
node_modules/jest-config
jest-resolve-dependencies 18.1.0
Depends on vulnerable versions of jest-resolve
node_modules/jest-resolve-dependencies
jest-runtime 12.1.1-alpha.2935e14d - 24.0.0-alpha.16
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
test-exclude <=4.2.3
Depends on vulnerable versions of micromatch
node_modules/test-exclude
babel-plugin-istanbul <=5.0.0
Depends on vulnerable versions of test-exclude
node_modules/babel-plugin-istanbul
babel-jest 14.2.0-alpha.ca8bfb6e - 24.0.0-alpha.16
Depends on vulnerable versions of babel-plugin-istanbul
node_modules/babel-jest
is-svg 2.1.0 - 4.2.1
Severity: high
Regular Expression Denial of Service (ReDoS) - https://github.com/advisories/GHSA-7r28-3m3f-r2pr
fix available via `npm audit fix`
node_modules/is-svg
js-yaml <=3.13.0
Severity: high
Denial of Service in js-yaml - https://github.com/advisories/GHSA-2pr6-76vf-7546
Code Injection in js-yaml - https://github.com/advisories/GHSA-8j8c-7jfh-h6hx
fix available via `npm audit fix`
node_modules/svgo/node_modules/js-yaml
svgo 0.4.2 - 1.0.5
Depends on vulnerable versions of js-yaml
node_modules/svgo
postcss-svgo <=2.1.6
Depends on vulnerable versions of svgo
node_modules/postcss-svgo
cssnano <=3.10.0
Depends on vulnerable versions of postcss-colormin
Depends on vulnerable versions of postcss-svgo
node_modules/cssnano
merge <2.1.1
Severity: high
Prototype Pollution in merge - https://github.com/advisories/GHSA-7wpw-2hjm-89gp
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/merge
exec-sh <=0.3.1
Depends on vulnerable versions of merge
node_modules/exec-sh
sane 1.0.4 - 4.0.1
Depends on vulnerable versions of exec-sh
node_modules/sane
jest-cli 0.5.5 - 24.1.0
Depends on vulnerable versions of jest-config
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of node-notifier
Depends on vulnerable versions of sane
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 13.3.0-alpha.4eb0c908 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-resolve 18.1.0 - 19.0.2
Depends on vulnerable versions of jest-haste-map
node_modules/jest-resolve
jest-config 18.1.0 - 19.0.4
Depends on vulnerable versions of jest-resolve
node_modules/jest-config
jest-resolve-dependencies 18.1.0
Depends on vulnerable versions of jest-resolve
node_modules/jest-resolve-dependencies
jest-runtime 12.1.1-alpha.2935e14d - 24.0.0-alpha.16
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
mime <1.4.1
Severity: moderate
Regular Expression Denial of Service in mime - https://github.com/advisories/GHSA-wrvr-8mpx-r7pp
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/mime
url-loader 0.5.5 - 0.5.9
Depends on vulnerable versions of mime
node_modules/url-loader
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
minimist <0.2.1
Severity: moderate
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/optimist/node_modules/minimist
optimist >=0.6.0
Depends on vulnerable versions of minimist
node_modules/optimist
webpack 0.11.0-beta1 - 2.0.2-beta
Depends on vulnerable versions of optimist
node_modules/webpack
extract-text-webpack-plugin <=1.0.1
Depends on vulnerable versions of webpack
node_modules/extract-text-webpack-plugin
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
webpack-dev-server <=3.1.10
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of open
Depends on vulnerable versions of optimist
node_modules/webpack-dev-server
node-notifier <8.0.1
Severity: moderate
OS Command Injection in node-notifier - https://github.com/advisories/GHSA-5fw9-fq32-wv5p
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/node-notifier
jest-cli 0.5.5 - 24.1.0
Depends on vulnerable versions of jest-config
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of node-notifier
Depends on vulnerable versions of sane
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 13.3.0-alpha.4eb0c908 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
open <6.0.0
Severity: critical
Command Injection in open - https://github.com/advisories/GHSA-28xh-wpgr-7fm8
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/open
webpack-dev-server <=3.1.10
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of open
Depends on vulnerable versions of optimist
node_modules/webpack-dev-server
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
react-dev-utils 0.2.0 - 11.0.3
Severity: high
Improper Neutralization of Special Elements used in an OS Command. - https://github.com/advisories/GHSA-5q6m-3h65-w53x
Depends on vulnerable versions of ansi-html
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/react-dev-utils
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
webpack-dev-server <=3.1.10
Severity: critical
Missing Origin Validation in webpack-dev-server - https://github.com/advisories/GHSA-cf66-xwfp-gvc4
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of open
Depends on vulnerable versions of optimist
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/webpack-dev-server
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
yargs-parser <=5.0.0
Severity: moderate
Prototype Pollution in yargs-parser - https://github.com/advisories/GHSA-p9pc-299p-vxgp
fix available via `npm audit fix --force`
Will install react-scripts@4.0.3, which is a breaking change
node_modules/yargs-parser
yargs 4.0.0-alpha1 - 7.0.0-alpha.3 || 7.1.1
Depends on vulnerable versions of yargs-parser
node_modules/yargs
jest-cli 0.5.5 - 24.1.0
Depends on vulnerable versions of jest-config
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of node-notifier
Depends on vulnerable versions of sane
Depends on vulnerable versions of yargs
jest 13.3.0-alpha.4eb0c908 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 4.0.0-next.117
Depends on vulnerable versions of eslint-plugin-import
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of jest
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of url-loader
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
jest-runtime 12.1.1-alpha.2935e14d - 24.0.0-alpha.16
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-resolve
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
48 vulnerabilities (12 low, 18 moderate, 16 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
这在几周前运行良好,我什至清除了 npm 缓存,但问题仍然存在。 请在这个问题上帮助我。谢谢
【问题讨论】:
你使用的是什么版本的节点? 【参考方案1】:您需要运行 npm auidt fix,如果它不起作用,请尝试 npm audit fix --force
【讨论】:
您的答案可以通过额外的支持信息得到改进。请edit 添加更多详细信息,例如引用或文档,以便其他人可以确认您的答案是正确的。你可以找到更多关于如何写好答案的信息in the help center。【参考方案2】:我遇到了同样的问题,漏洞数量完全相同。
查看解决方案here
【讨论】:
谢谢。它在那里清楚地解释了Jetstream 与 Liviwere - Laravel 8 - 运行 npm install 时的节点漏洞
】Jetstream与Liviwere-Laravel8-运行npminstall时的节点漏洞【英文标题】:JetstreamwithLiviwere-Laravel8-Nodevulnerabilitieswhenrunnpminstall【发布时间】:2021-08-2403:17:41【问题描述】:我使用Sail安装带有Jetstream和Livewire的Laravel8。当我运行命令npminsta... 查看详情
错误:“npm install -g @ionic/cli”给了我“4 个高严重性漏洞”和“ERR!错误号-4058'
】错误:“npminstall-g@ionic/cli”给了我“4个高严重性漏洞”和“ERR!错误号-4058\\\'【英文标题】:Error:\'npminstall-g@ionic/cli\'givesme\'4highseverityvulnerabilities\'&\'ERR!errno-4058\'错误:“npminstall-g@ionic/cli”给了我“4个高严重性漏洞”和... 查看详情
npm install 遇到问题
】npminstall遇到问题【英文标题】:runintoproblemswithnpminstall【发布时间】:2021-10-1622:48:27【问题描述】:我只是从github克隆我的项目,但是当我运行npminstall时,发生了错误。这个项目在我的电脑上完美运行。但是,它甚至无法在... 查看详情
npm install 的 --save 选项是啥?
】npminstall的--save选项是啥?【英文标题】:Whatisthe--saveoptionfornpminstall?npminstall的--save选项是什么?【发布时间】:2013-11-0322:04:27【问题描述】:我看到了一些教程,其中的命令是:npminstall--save--save选项是什么意思?【问题讨论... 查看详情
Npm 漏洞无法修复
】Npm漏洞无法修复【英文标题】:Npmvulnerabilitiescan\'tbefixed【发布时间】:2021-09-0614:44:18【问题描述】:我开始学习react并通过运行创建了我的第一个应用程序:\'npxcreate-react-appmy-app\'构建应用程序后,我在终端中收到一条警告:2... 查看详情
npm install 完成时播放声音或通知
】npminstall完成时播放声音或通知【英文标题】:Playasoundornotifywhennpminstallisdone【发布时间】:2020-01-2408:27:08【问题描述】:我在想,在npm完成运行任务(例如长时间安装)后返回通知(声音或弹出窗口)是否有帮助和高效。我正... 查看详情
在 Elastic Beanstalk 上运行 npm install 时出现问题
】在ElasticBeanstalk上运行npminstall时出现问题【英文标题】:ProblemsrunningnpminstallonElasticBeanstalck【发布时间】:2017-11-0904:27:14【问题描述】:情况我有一个使用npm、bower和gulp作为前端的Laravel(5.4)应用程序。我在部署时已成功配置所... 查看详情
Npm audit 在创建新的 react native 项目时显示 9 个漏洞
】Npmaudit在创建新的reactnative项目时显示9个漏洞【英文标题】:Npmauditshows9vulnerabilitiesuponcreatinganewreactnativeproject【发布时间】:2018-10-2414:59:56【问题描述】:当我创建一个新的React本机项目并运行npmaudit时,我发现了9个漏洞。漏... 查看详情
npm install 在“eb create”节点 6.2.2 上失败
】npminstall在“ebcreate”节点6.2.2上失败【英文标题】:npminstallfailson`ebcreate`Node6.2.2【发布时间】:2017-02-0413:27:25【问题描述】:还有其他人有这个问题吗?1620verboseunsafe-perminlifecyclefalse1621infobufferutil@1.2.1Failedtoexecinstallscript1622verbos... 查看详情
如何修复 NPM 高危漏洞? (污染)
】如何修复NPM高危漏洞?(污染)【英文标题】:HowtofixNPMhighseverityvulnerabilities?(Pollution)【发布时间】:2021-06-3004:13:41【问题描述】:我想安装一些npm包,但总是遇到同样的错误“3个高危漏洞”当我按下npm审计修复时我总是这样... 查看详情
npm install quick.db 需要永远
】npminstallquick.db需要永远【英文标题】:npminstallquick.dbtakesforever【发布时间】:2021-03-1702:36:44【问题描述】:我正在尝试安装quick.db,但一直卡在下面一行。我尝试过npm重建,我尝试过重新安装节点,但没有任何效果。我已经等... 查看详情
npm install -g create-react-app 给出错误
】npminstall-gcreate-react-app给出错误【英文标题】:npminstall-gcreate-react-appgiveerrors【发布时间】:2021-02-2708:27:07【问题描述】:Thisiserrors这是我在输入npminstall-gcreate-react-app时遇到的错误,robofriend是我想创建的应用程序的名称提前感... 查看详情
npm-update 和 npm-install 可以给出不同的结果吗?
】npm-update和npm-install可以给出不同的结果吗?【英文标题】:Cannpm-updateandnpm-installgivedifferentresult?【发布时间】:2018-09-1120:18:23【问题描述】:假设我们有3个具有以下依赖项的包:C->B@^1.0.0和B->A@^1.0.0(模块C依赖于仅模块B版... 查看详情
npm install git+ssh 在 docker (node16) 中失败
】npminstallgit+ssh在docker(node16)中失败【英文标题】:npminstallgit+sshfailingindocker(node16)【发布时间】:2021-12-2617:09:15【问题描述】:谁能解释为什么从node:14-alpine切换到node:16-alpine会导致npminstall失败?>[8/10]RUN--mount=type=sshnpmi:#1414.27np... 查看详情
如何解决 npm install 在非 MAC 操作系统上抛出 fsevents 警告?
】如何解决npminstall在非MAC操作系统上抛出fsevents警告?【英文标题】:Howtosolvenpminstallthrowingfseventswarningonnon-MACOS?【发布时间】:2018-04-0608:28:27【问题描述】:npminstall命令引发以下警告-npmWARNoptionalSKIPPINGOPTIONALDEPENDENCY:fsevents@1.1.2(... 查看详情
如何修复这些漏洞? (npm audit fix 无法修复这些漏洞)
】如何修复这些漏洞?(npmauditfix无法修复这些漏洞)【英文标题】:Howtofixthesevulnerabilities?(npmauditfixfailstofixthesevulnerabilities)【发布时间】:2020-02-1520:35:23【问题描述】:我的项目有6个高度严重的漏洞,我不知道如何修复它们。... 查看详情
运行 npm install cordova 时 npm install 不起作用
】运行npminstallcordova时npminstall不起作用【英文标题】:npminstalldoesnotworkwhenrunningnpminstallcordova【发布时间】:2016-05-0311:54:05【问题描述】:我正在使用Ionic框架来构建混合应用程序。根据官网,我需要获取Node.js的4.2.4版本,其中包... 查看详情
使用“npm audit”时如何只检查高漏洞?
】使用“npmaudit”时如何只检查高漏洞?【英文标题】:Howtocheckforonlyhighvulnerabilitieswhenusing"npmaudit"?【发布时间】:2018-10-2303:43:46【问题描述】:当我使用新的npm6执行npminstall时我收到一条消息,告诉我我有一些漏洞:[!]... 查看详情